Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: uN4m5kUaEZl3rhBbohoB2p0sSwlMaMOeiO4Eelf5JBs=
Subject key identifier: 13:1E:C1:9A:19:1C:80:DD:9C:99:93:28:45:C8:11:45:8F:8C:81:C6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 19DFB70EAC45F8CEFF6D9541302A4275DD131489
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Mon 01 Sep 2025 21:40:46 +0000
ROA not before: Mon 01 Sep 2025 21:40:46 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 18:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:df:b7:0e:ac:45:f8:ce:ff:6d:95:41:30:2a:42:75:dd:13:14:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:40:46 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=72ab001e2a49e8470a30c5bd5df74160e67740ff23f5601bceb4e721a67fbce1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:10:d1:15:00:1a:92:f0:1c:9b:51:9b:f1:23:
77:b1:64:00:94:59:c7:56:cd:25:61:c8:8e:db:93:
d0:c7:8a:b4:9a:41:ad:55:aa:0c:7a:2d:eb:c8:d2:
c3:bd:37:dc:50:ae:bb:38:3a:f1:e5:bd:63:24:92:
05:a8:43:54:0d:f0:f2:78:ef:ce:17:16:0d:a7:e2:
cf:29:55:02:3d:c8:2c:0d:ab:75:9d:8c:a5:9c:15:
59:c3:75:e7:92:9d:57:2d:6d:6d:db:1b:b1:4e:f8:
94:9d:19:0d:52:fc:3b:9a:3f:05:c0:ee:ae:ef:17:
f1:5e:b6:d8:ae:98:c1:ad:60:47:8c:8f:dc:1d:64:
0c:86:bd:20:02:f3:68:e6:8f:f6:f0:dd:7b:f1:fd:
9b:e7:34:7b:3a:f0:ee:67:59:83:2d:53:3b:d1:40:
b6:12:62:97:7a:cf:42:ed:e7:95:28:e5:74:e6:47:
be:3f:31:22:1d:b1:14:e9:66:36:fa:cd:d0:e2:ee:
c9:af:02:10:01:2c:43:92:67:4d:99:0a:b6:14:93:
92:98:72:3c:1b:24:c0:04:94:ea:21:8c:7e:ad:14:
88:02:30:fc:f2:af:59:34:8d:41:c9:77:e7:32:10:
23:66:61:2f:71:fd:8d:9e:83:cb:ce:ff:74:29:dc:
9d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:1E:C1:9A:19:1C:80:DD:9C:99:93:28:45:C8:11:45:8F:8C:81:C6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:79:1f:84:52:30:b2:36:05:b1:14:33:12:81:e1:9d:82:63:
52:03:03:77:cc:0a:db:c6:d5:49:74:f8:58:8f:4b:4b:14:32:
d2:b8:48:32:41:a1:63:48:3f:c3:69:ae:f9:bf:12:81:42:fe:
bf:bb:c8:3f:63:7d:dc:3c:d6:a4:4f:40:8d:01:3c:f7:be:04:
a7:66:8f:c6:d4:e9:79:5d:12:00:5f:38:71:3b:64:7b:97:0f:
26:1c:92:64:91:b9:c3:89:1a:4a:58:e5:ca:e5:31:ad:3b:01:
62:d6:14:6d:fd:c0:e4:a3:7f:39:f9:29:08:03:ed:b9:14:b2:
d7:bc:bc:0b:5b:45:c6:8a:17:16:17:a4:d3:dc:0c:25:2f:98:
8a:a5:1a:8c:4f:13:e1:b1:3b:7a:01:3b:c8:0a:e4:0e:9d:39:
87:31:c2:05:b7:23:68:20:2d:6a:31:ec:69:da:af:49:e2:03:
b0:cb:06:9e:80:d1:3c:09:ea:ae:c9:95:49:3d:13:74:07:e8:
38:62:72:46:dc:de:99:d4:60:eb:6a:30:1e:bb:bf:3c:16:17:
31:47:85:97:e4:01:b3:4c:d2:2e:15:fb:a0:e6:05:53:74:ff:
ae:5a:1f:86:af:48:a4:91:94:d8:12:82:6c:ac:13:d7:2e:29:
57:cb:df:d3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGd+3DqxF+M7/bZVBMCpCdd0TFIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTQwNDZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyYWIwMDFlMmE0OWU4NDcwYTMwYzViZDVkZjc0MTYwZTY3NzQwZmYyM2Y1
NjAxYmNlYjRlNzIxYTY3ZmJjZTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJEQ0RUAGpLwHJtRm/Ejd7FkAJRZx1bNJWHIjtuT0MeKtJpBrVWqDHot68jS
w7033FCuuzg68eW9YySSBahDVA3w8njvzhcWDafizylVAj3ILA2rdZ2MpZwVWcN1
55KdVy1tbdsbsU74lJ0ZDVL8O5o/BcDuru8X8V622K6Ywa1gR4yP3B1kDIa9IALz
aOaP9vDde/H9m+c0ezrw7mdZgy1TO9FAthJil3rPQu3nlSjldOZHvj8xIh2xFOlm
NvrN0OLuya8CEAEsQ5JnTZkKthSTkphyPBskwASU6iGMfq0UiAIw/PKvWTSNQcl3
5zIQI2ZhL3H9jZ6Dy87/dCncnR8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQTHsGa
GRyA3ZyZkyhFyBFFj4yBxjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQCVeR+EUjCyNgWxFDMSgeGdgmNSAwN3zArbxtVJdPhY
j0tLFDLSuEgyQaFjSD/Daa75vxKBQv6/u8g/Y33cPNakT0CNATz3vgSnZo/G1Ol5
XRIAXzhxO2R7lw8mHJJkkbnDiRpKWOXK5TGtOwFi1hRt/cDko385+SkIA+25FLLX
vLwLW0XGihcWF6TT3AwlL5iKpRqMTxPhsTt6ATvICuQOnTmHMcIFtyNoIC1qMexp
2q9J4gOwywaegNE8CequyZVJPRN0B+g4YnJG3N6Z1GDrajAeu788FhcxR4WX5AGz
TNIuFfug5gVTdP+uWh+Gr0ikkZTYEoJsrBPXLilXy9/T
-----END CERTIFICATE-----
Generated at Wed Sep 17 01:58:25 2025 by rpki-client